<!DOCTYPE html>
<html lang="en">
<!--[if lt IE 7 ]><html class="ie ie6" lang="en"> <![endif]-->
<!--[if IE 7 ]><html class="ie ie7" lang="en"> <![endif]-->
<!--[if IE 8 ]><html class="ie ie8" lang="en"> <![endif]-->
<!--[if (gte IE 9)|!(IE)]><!-->
<head>
<meta charset="utf-8">
<title>The Apache OFBiz&reg; Project - Release Notes 17.12.04</title>
<meta name="Description" content="OFBiz is an open source enterprise automation software project licensed under the Apache License. It means you are not alone and can work with many others." />
<meta name="Robots" content="index,follow" />
<!-- Mobile Specific Metas
    ================================================== -->
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<!-- CSS
    ================================================== -->
<!-- local fonts  -->
<link type="text/css" id="fonts" rel="stylesheet" href="/css/fonts.css">
<!-- Bootstrap  -->
<link type="text/css" rel="stylesheet" href="/bootstrap/css/bootstrap.min.css">
<!-- plugin css  -->
<link rel="stylesheet" type="text/css" href="/js/plugins/pretty-photo/css/prettyPhoto.css" />
<link rel="stylesheet" type="text/css" href="/js/plugins/rs-plugin/css/settings.css" media="screen" />
<link type="text/css" rel="stylesheet" href="/js/plugins/hoverdir/css/style.css">
<!-- icon fonts -->
<link type="text/css" rel="stylesheet" href="/font-icons/custom-icons/css/custom-icons.css">
<link type="text/css" rel="stylesheet" href="/font-icons/custom-icons/css/custom-icons-ie7.css">
<!-- Custom css -->
<link type="text/css" rel="stylesheet" href="/css/layout.css">
<link type="text/css" id="colors" rel="stylesheet" href="/css/colors.css">
<!--[if lt IE 9]><script src="//html5shim.googlecode.com/svn/trunk/html5.js"></script><![endif]-->
<!--[if gte IE 9]><style type="text/css">.iconBig, .active, .hover a , .Shover a { filter: none !important; } </style> <![endif]-->
<script src="js/modernizr-2.6.1.min.js"></script>
<!-- Favicons
    ================================================== -->
<link rel="shortcut icon" href="/images/favicon.ico">
<link rel="apple-touch-icon" href="/images/apple-icon.png">
<link rel="apple-touch-icon" sizes="72x72" href="/images/apple-icon-72x72.png">
<link rel="apple-touch-icon" sizes="114x114" href="/images/apple-icon-114x114.png">
<link rel="apple-touch-icon" sizes="144x144" href="/images/apple-icon-144x144.png">
</head>
<body>
<!-- header -->
<header id="mainHeader" class="clearfix">
  <div class="navbar navbar-fixed-top">
    <div class="navbar-inner">
      <div class="container"> <a href="index.html" class="brand"><img src="images/ofbiz_logo.png" alt="Apache OFBiz Logo"/></a>
        <nav id="mainMenu" class="clearfix">
          <ul>
            <li><a href="index.html" class="firstLevel">Home</a></li>
            <li><a href="#" class="firstLevel">Getting Started</a>
              <ul>
                <li><a href="developers.html" class="">Developers</a></li>
                <li><a href="business-users.html" class="last">Business Users</a></li>
              </ul>
            </li>
            <li><a href="#" class="firstLevel">News</a>
              <ul>
                <li><a href="//blogs.apache.org/ofbiz/" target="external" class="last">Blog</a></li>
              </ul>
            </li>
            <li><a href="#" class="firstLevel">Documentation</a>
              <ul>
                <li><a href="//cwiki.apache.org/confluence/display/OFBIZ/Documentation" target="external" class="">User Documentation</a></li>
                <li><a href="//cwiki.apache.org/confluence/display/OFBIZ/Technical+Documentation" target="external" class="">Technical Documentation</a></li>
                <li><a href="//cwiki.apache.org/confluence/display/OFBIZ/Home" target="external" class="">Wiki</a></li>
                <li><a href="#" class="firstLevel">API Reference</a>
                  <ul>
                    <li title="Trunk API">
                      <a href="https://nightlies.apache.org/ofbiz/trunk/javadoc/" target="external">Trunk API</a></li>
                    </li>
                    <li title="Stable release  API">
                      <a href="https://nightlies.apache.org/ofbiz/stable/javadoc/" target="external">Stable Release API</a></li>
                    </li>
                    <li title="Next release API">
                      <a href="https://nightlies.apache.org/ofbiz/next/javadoc/" target="external">Next Release API</a></li>
                    </li>
                  </ul>
                </li>
              </ul>
            </li>
            <li><a href="#" class="firstLevel">Community</a>
              <ul>
                <li><a href="getting-involved.html">Getting Involved</a></li>
                <li><a href="mailing-lists.html">Mailing Lists</a></li>
                <li><a href="source-repositories.html">Source Repository</a></li>
                <li><a href="download.html">Downloads</a></li>
                <li><a href="https://s.apache.org/dsj2p" target="external" >Issue Tracker</a></li>
                <li><a href="faqs.html" class="last">FAQ</a></li>
              </ul>
            </li>
            <li><a href="ofbiz-demos.html" class="firstLevel">Demos</a></li>
          <li><a href="//www.youtube.com/user/ofbiz" class="icon-play socialIcon tips" target="external" title="follow us on Youtube"><span>Youtube</span></a></li>
          </ul>
        </nav>
      </div>
    </div>
  </div>
</header>
<!-- header -->
<!-- globalWrapper -->
<div id="globalWrapper">
 <!-- page content -->
 <section id="content" class="fullWidth">
    <header class="headerPage">
      <div class="container clearfix">
        <div class="row">
          <h1 class="span8">Release Notes 17.12.04</h1>
      <div class="span4" id="navTrail"> <a href="index.html" class="homeLink">home</a><span>/</span><a href="download.html">Download</a><span>/</span><span class="current">Release Notes 17.12.04</span> </div>
        </div>
      </div>
    </header>
  <section id="content" class="features" >
  <div class="slice clearfix">
      <div class="container">
<div class="row">
  <div>
  <p>Apache OFBiz&reg; 17.12.04, released in 2020-07-13, is the fourth release of the 17.12 series, that has been stabilized since December 2017.</p>

    
<h2>        Sub-task
</h2>
<ul>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-11709'>OFBIZ-11709</a>] -         Prevent FreeMarker Template Injection (SSTI)
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-11716'>OFBIZ-11716</a>] -         Apache OFBiz unsafe deserialization of XMLRPC arguments
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-11752'>OFBIZ-11752</a>] -         CLONE - Check embedded Javascript libs vulnerabilities using retire.js
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-11836'>OFBIZ-11836</a>] -         IDOR vulnerability in the order processing feature in ecommerce component
</li>
</ul>
            
<h2>        Bug
</h2>
<ul>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-6408'>OFBIZ-6408</a>] -         Adding a group order generates an error
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-6993'>OFBIZ-6993</a>] -         Cannot find the declaration of element &#39;web-app&#39; in version 3.0 files.
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-8459'>OFBIZ-8459</a>] -         InventoryItemStatus is not updated to INV_PROMISED status while creating sales order for serialized product
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-9476'>OFBIZ-9476</a>] -         UI issue in payment lookup.
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-9478'>OFBIZ-9478</a>] -         RequestHandlerException in dataResource and fixed asset lookup.
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-10538'>OFBIZ-10538</a>] -         Promised Datetime &amp; Current Promised Date values not getting updated in OISGIR Entity
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-10539'>OFBIZ-10539</a>] -         Issue with opening a page via bookmark when the user is logged out
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-10891'>OFBIZ-10891</a>] -         Send me this every month link is not working in order items section.
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-10904'>OFBIZ-10904</a>] -         Creating custom Time Period does not show in party time period
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-10975'>OFBIZ-10975</a>] -         Buttons on edit credit card page are shown twice
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-11144'>OFBIZ-11144</a>] -         Create Exchange Order button on Return screen is distorted
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-11294'>OFBIZ-11294</a>] -         EntityQuery queryCount is throwing error with distinct method
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-11312'>OFBIZ-11312</a>] -         DatabaseUtil.getColumnInfo(...) does not retrieve primary keys due to connection-locks
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-11356'>OFBIZ-11356</a>] -         FindOrders.ftl: paginateOrderList does not find orders on next page
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-11401'>OFBIZ-11401</a>] -         getEntityRefData service has a weird issue
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-11573'>OFBIZ-11573</a>] -         Incorrect column alias in EntitySQLProcessor for sql query working with mysql 
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-11606'>OFBIZ-11606</a>] -         Compound-widget not works with condition
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-11633'>OFBIZ-11633</a>] -         PartyProfileContent.js does not work
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-11668'>OFBIZ-11668</a>] -         startup-service does not work without runtime-data-id
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-11681'>OFBIZ-11681</a>] -         ListParty does not show middleName
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-11714'>OFBIZ-11714</a>] -         Issue with redirect queryParameters when the user is logged out
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-11745'>OFBIZ-11745</a>] -         plugins in common-theme/webapp/common/js is not monitored by git
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-11785'>OFBIZ-11785</a>] -         ViewShipment in facility does not show phone details
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-11787'>OFBIZ-11787</a>] -         Overview of shipments shows links to edit shipment. Should point to viewshipment
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-11796'>OFBIZ-11796</a>] -         Unnecessary iterations for all productFacilities in setLastInventoryCount
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-11822'>OFBIZ-11822</a>] -         Double encoded urls are not being decoded
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-11842'>OFBIZ-11842</a>] -         Failed to load PDF document after &#39;Quick checkout&#39;
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-11858'>OFBIZ-11858</a>] -         Console warning related to OrderHeader caching
</li>
</ul>
            
<h2>        New Feature
</h2>
<ul>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-11094'>OFBIZ-11094</a>] -         Buildbot RAT for releases branches
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-11691'>OFBIZ-11691</a>] -         Create a simple INSTALL file with minimum installation information and redirection to more documentation
</li>
</ul>
    
<h2>        Improvement
</h2>
<ul>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-11665'>OFBIZ-11665</a>] -         Theme files loading taking longer time
</li>
<li>[<a href='https://issues.apache.org/jira/browse/OFBIZ-11879'>OFBIZ-11879</a>] -         Put the AsciiDoc files in main repo under the web site
</li>
</ul>
    

  </div>
</div>
</div>
</div>
</section>
</section><!-- footer -->
<footer class="footer1">
  <div class="container" id="footer">
    <div class="row">
      <div class="span6 timelineWidget">
      </div>
      <div class="span3 contactWidget">
        <h2>Contact Community</h2>
        <div class="divider"><span></span></div>
        <ul>
          <li><a href="mailing-lists.html">Mailing Lists</a></li>
          <li><a href="source-repositories.html">Source Repository (Git)</a></li>
          <li><a href="https://s.apache.org/dsj2p" target="external">Issue Tracker (Jira)</a></li>
          <li><a href="//www.youtube.com/user/ofbiz" target="external">OFBiz Youtube Channel</a></li>
          <li><a href="//vimeo.com/channels/apacheofbiz" target="external">OFBiz Vimeo Channel</a></li>
          <li>
            <a href="//s.apache.org/ofbiz-slack-channel" target="external">OFBiz Chat</a><br/>
            <span class="footer-note">
              Note: To chat with users and developers of Apache OFBiz.
              <br>Please create a Slack account using <a href="//s.apache.org/slack-invite" target="external">this invite link</a> and
              <a href="//s.apache.org/ofbiz-slack-channel" target="external">join the <b>#ofbiz channel</b>.</a>
              Please do <b>not</b> ask OFBiz questions in the #general channel.
            </span>
          </li>
          <li><a href="//cwiki.apache.org/confluence/display/OFBIZ/Apache+OFBiz+PMC+Members+and+Committers" target="external">Who we are</a></li>
        </ul>
      </div>
      <div class="span3 sociallWidget">
        <h2>ASF Information</h2>
        <div class="divider"><span></span></div>
        <ul>
          <li><a href="https://www.apache.org/foundation/" target="external">Apache Software Foundation</a></li>
          <li><a href="https://privacy.apache.org/policies/privacy-policy-public.html" target="external">Privacy Policy</a></li>
          <li><a href="https://www.apache.org/events/current-event" target="external">Events</a></li>
          <li><a href="https://www.apache.org/foundation/sponsorship.html" target="external">Sponsorship</a>
             and <a href="https://www.apache.org/foundation/contributing.html" target="external">Donations</a>
          </li>
          <li><a href="https://www.apache.org/foundation/thanks.html" target="external">Thanks</a></li>
          <li><a href="https://ofbiz.apache.org/security.html">Security</a></li>
          <li><a href="https://www.apache.org/licenses/" target="external">License</a></li>
        </ul>
      </div>
    </div>
  </div>
</footer>
<footer class="footer2" id="footerRights">
  <div class="container">
    <div class="row">
      <div class="span12">
        <p>
          Copyright © 2025 The Apache Software Foundation.
          <a href="https://www.apache.org/licenses/" target="external">Licensed under the  Apache License, Version 2.0</a>.<br/>
          Apache OFBiz, OFBiz, the project logo and the Apache feather logo are trademarks of <a href="https://www.apache.org/" target="external">The Apache Software Foundation.</a>
        </p>
      </div>
    </div>
  </div>
</footer>
<!-- footer -->
</div>
<!-- globalWrapper -->
<script type="text/javascript" src="js/plugins/respond/respond.min.js"></script>
<script type="text/javascript" src="js/jquery-1.12.4.min.js"></script>
<script type="text/javascript" src="js/jquery-migrate-1.0.0.min.js"></script>
<script type="text/javascript" src="js/plugins/jquery-browser-plugin/jquery.browser.min.js"></script>
<!-- third party plugins  -->
<script type="text/javascript" src="bootstrap/js/bootstrap.js"></script>
<script type="text/javascript" src="bootstrap/js/bootstrap-carousel.js"></script>
<script type="text/javascript" src="js/plugins/easing/jquery.easing.1.3.js"></script>
<script type="text/javascript" src="js/plugins/pretty-photo/js/jquery.prettyPhoto.js"></script>
<script type="text/javascript" src="js/plugins/hoverdir/jquery.hoverdir.js"></script>
<!-- jQuery KenBurn Slider  -->
<script type="text/javascript" src="js/plugins/rs-plugin/js/jquery.themepunch.plugins.min.js"></script>
<script type="text/javascript" src="js/plugins/rs-plugin/js/jquery.themepunch.revolution.min.js"></script>
<!-- Custom  -->
<script type="text/javascript" src="js/custom.js"></script>
<!-- Matomo -->
<script type="text/javascript">
  var _paq = window._paq = window._paq || [];
  /* tracker methods like "setCustomDimension" should be called before
"trackPageView" */
  /* We explicitly disable cookie tracking to avoid privacy issues */
  _paq.push(['disableCookies']);
  _paq.push(['trackPageView']);
  _paq.push(['enableLinkTracking']);
  (function() {
    var u="https://analytics.apache.org/";
    _paq.push(['setTrackerUrl', u+'matomo.php']);
    _paq.push(['setSiteId', '21']);
    var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
    g.async=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s);
  })();
</script>
<!-- End Matomo Code -->
</body>
</html>
